Reading HDFS Files Securely with Kerberos

Author: 大猪大猪 | Source: published 2018-07-12 02:02, read 27 times

    Usage guide

    Import the dependencies

    compile group: 'org.apache.hadoop', name: 'hadoop-hdfs', version: '2.7.6'
    compile group: 'org.apache.hadoop', name: 'hadoop-common', version: '2.7.6'
    

    krb5.conf file (copied from the KDC server)

    [libdefaults]
      renew_lifetime = 7d
      forwardable = true
      default_realm = EXAMPLE.COM
      ticket_lifetime = 24h
      dns_lookup_realm = false
      dns_lookup_kdc = false
      default_ccache_name = /tmp/krb5cc_%{uid}
      #default_tgs_enctypes = aes des3-cbc-sha1 rc4 des-cbc-md5
      #default_tkt_enctypes = aes des3-cbc-sha1 rc4 des-cbc-md5
    
    [logging]
      default = FILE:/var/log/krb5kdc.log
      admin_server = FILE:/var/log/kadmind.log
      kdc = FILE:/var/log/krb5kdc.log
    
    [realms]
      EXAMPLE.COM = {
        admin_server = storm1.demo.com
        kdc = storm1.demo.com
      }
    

    Location of the admin.keytab file (copied from the server)
    How it is generated

    root@storm1 ~# kadmin.local
    Authenticating as principal admin/admin@EXAMPLE.COM with password.
    kadmin.local:  xst -k admin.keytab -norandkey admin/admin
    Entry for principal admin/admin with kvno 6, encryption type aes256-cts-hmac-sha1-96 added to keytab WRFILE:admin.keytab.
    Entry for principal admin/admin with kvno 6, encryption type aes128-cts-hmac-sha1-96 added to keytab WRFILE:admin.keytab.
    Entry for principal admin/admin with kvno 6, encryption type des3-cbc-sha1 added to keytab WRFILE:admin.keytab.
    Entry for principal admin/admin with kvno 6, encryption type arcfour-hmac added to keytab WRFILE:admin.keytab.
    Entry for principal admin/admin with kvno 6, encryption type camellia256-cts-cmac added to keytab WRFILE:admin.keytab.
    Entry for principal admin/admin with kvno 6, encryption type camellia128-cts-cmac added to keytab WRFILE:admin.keytab.
    Entry for principal admin/admin with kvno 6, encryption type des-hmac-sha1 added to keytab WRFILE:admin.keytab.
    Entry for principal admin/admin with kvno 6, encryption type des-cbc-md5 added to keytab WRFILE:admin.keytab.
    kadmin.local:  exit
    

    A file is generated in the current directory

    root@storm1 ~# ls
    admin.keytab
    

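    Java code

    import java.io.IOException;
    import java.net.URI;
    import org.apache.hadoop.conf.Configuration;
    import org.apache.hadoop.fs.FileSystem;
    import org.apache.hadoop.fs.Path;
    import org.apache.hadoop.security.UserGroupInformation;

    public class HdfsKerberosTest {
        public void testExist() throws IOException {
            String file = "hdfs://storm1.demo.com:8020";
            // Point the JVM's Kerberos implementation at krb5.conf
            System.setProperty("java.security.krb5.conf", "/etc/krb5.conf");
            Configuration conf = new Configuration();
            // Switch the Hadoop client to Kerberos authentication
            conf.set("hadoop.security.authentication", "kerberos");
            conf.set("java.security.krb5.conf", "/etc/krb5.conf");
            UserGroupInformation.setConfiguration(conf);
            // Log in from the keytab; a failed login propagates as IOException
            // instead of being printed and ignored
            UserGroupInformation.loginUserFromKeytab("admin/admin", "/Users/huanghuanlai/dounine/kerberos/keytabs/admin.keytab");
            FileSystem fs = FileSystem.get(URI.create(file), conf);
            // Check that the root directory is reachable as the logged-in principal
            System.out.println(fs.exists(new Path("/")));
        }
    }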
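The keytab login above, written so that it fails closed; this is an added example, not code from the original article. The principal `hdfs-reader@EXAMPLE.COM` and the keytab path are hypothetical stand-ins for a dedicated low-privilege account, and the permission check assumes a POSIX file system.

```java
import java.io.IOException;
import java.net.URI;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.nio.file.attribute.PosixFilePermission;
import java.security.PrivilegedExceptionAction;
import java.util.EnumSet;
import java.util.Set;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.security.UserGroupInformation;

public class KeytabLoginCheck {
    // Hypothetical principal and keytab path, chosen for this example.
    static final String PRINCIPAL = "hdfs-reader@EXAMPLE.COM";
    static final String KEYTAB = "/etc/security/keytabs/hdfs-reader.keytab";
    static final String NAMENODE = "hdfs://storm1.demo.com:8020"; // NameNode URI from the article

    // A keytab holds the principal's long-term keys, so treat it like a password file:
    // refuse to use it if group or others have any access to it.
    static void requireOwnerOnly(String keytab) throws IOException {
        Set<PosixFilePermission> perms = Files.getPosixFilePermissions(Paths.get(keytab));
        if (!EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE).containsAll(perms)) {
            throw new IOException("keytab " + keytab + " is not owner-only: " + perms);
        }
    }

    public static void main(String[] args) throws Exception {
        System.setProperty("java.security.krb5.conf", "/etc/krb5.conf");
        Configuration conf = new Configuration();
        conf.set("hadoop.security.authentication", "kerberos");
        UserGroupInformation.setConfiguration(conf);
        if (!UserGroupInformation.isSecurityEnabled()) {
            throw new IllegalStateException("Hadoop client is not in Kerberos mode");
        }
        requireOwnerOnly(KEYTAB);
        // Returns a separate UGI instead of replacing the process-wide login user;
        // a failed login throws here and nothing below runs.
        UserGroupInformation ugi = UserGroupInformation.loginUserFromKeytabAndReturnUGI(PRINCIPAL, KEYTAB);
        // Only the code inside doAs runs with this principal's credentials.
        boolean exists = ugi.doAs((PrivilegedExceptionAction<Boolean>) () -> {
            try (FileSystem fs = FileSystem.get(URI.create(NAMENODE), conf)) {
                return fs.exists(new Path("/"));
            }
        });
        System.out.println(ugi.getUserName() + " sees / : " + exists);
    }
}
```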
    

    Result

    [image: image.png]


        Article link: https://www.haomeiwen.com/subject/csxlpftx.html